diff options
Diffstat (limited to 'playbooks')
67 files changed, 548 insertions, 310 deletions
| diff --git a/playbooks/adhoc/create_pv/create_pv.yaml b/playbooks/adhoc/create_pv/create_pv.yaml index 0ca040ee1..347d9f574 100644 --- a/playbooks/adhoc/create_pv/create_pv.yaml +++ b/playbooks/adhoc/create_pv/create_pv.yaml @@ -3,9 +3,8 @@  # ansible-playbook -e "cli_volume_size=1" \  #                  -e "cli_device_name=/dev/xvdf" \  #                  -e "cli_hosttype=master" \ -#                  -e "cli_env=ops" \ +#                  -e "cli_clusterid=ops" \  #                  create_pv.yaml -# FIXME: we need to change "env" to "clusterid" as that's what it really is now.  #  - name: Create a volume and attach it to master    hosts: localhost @@ -16,7 +15,7 @@      cli_volume_type: gp2      cli_volume_iops: ''      oo_name: "{{ groups['tag_host-type_' ~ cli_hosttype] | -                 intersect(groups['tag_env_' ~ cli_env]) | +                 intersect(groups['oo_clusterid_' ~ cli_clusterid]) |                   first }}"    pre_tasks:    - fail: @@ -26,7 +25,7 @@      - cli_volume_size      - cli_device_name      - cli_hosttype -    - cli_env +    - cli_clusterid    - name: set oo_name fact      set_fact: @@ -57,7 +56,7 @@      args:        tags:          Name: "pv-{{ hostvars[oo_name]['ec2_tag_Name'] }}" -        env: "{{cli_env}}" +        clusterid: "{{cli_clusterid}}"      register: voltags    - debug: var=voltags diff --git a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml index 89128dd3c..4d32fc40b 100644 --- a/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml +++ b/playbooks/adhoc/docker_loopback_to_lvm/docker_loopback_to_direct_lvm.yml @@ -113,7 +113,7 @@      args:        tags:          Name: "{{ ec2_tag_Name }}" -        env: "{{ ec2_tag_env}}" +        clusterid: "{{ ec2_tag_clusterid }}"      register: voltags    - name: Wait for volume to attach diff --git a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml index b4bcb25da..174cea460 100644 --- a/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml +++ b/playbooks/adhoc/grow_docker_vg/grow_docker_vg.yml @@ -151,7 +151,7 @@      args:        tags:          Name: "{{ ec2_tag_Name }}" -        env: "{{ ec2_tag_env }}" +        clusterid: "{{ ec2_tag_clusterid }}"      register: voltags    - name: check for attached drive diff --git a/playbooks/adhoc/s3_registry/s3_registry.yml b/playbooks/adhoc/s3_registry/s3_registry.yml index 071c2cf46..d409b4086 100644 --- a/playbooks/adhoc/s3_registry/s3_registry.yml +++ b/playbooks/adhoc/s3_registry/s3_registry.yml @@ -6,7 +6,7 @@  # The AWS access/secret keys should be the keys of a separate user (not your main user), containing only the necessary S3 access role.  # The 'clusterid' is the short name of your cluster. -- hosts: tag_env_{{ clusterid }}:&tag_host-type_openshift-master +- hosts: tag_clusterid_{{ clusterid }}:&tag_host-type_openshift-master    remote_user: root    gather_facts: False diff --git a/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml new file mode 100755 index 000000000..0dc021fbc --- /dev/null +++ b/playbooks/adhoc/sdn_restart/oo-sdn-restart.yml @@ -0,0 +1,53 @@ +#!/usr/bin/ansible-playbook +--- +#example run: +# ansible-playbook -e "host=ops-node-compute-abcde" oo-sdn-restart.yml +# + +- name: Check vars +  hosts: localhost +  gather_facts: false +  +  pre_tasks: +  - fail: +      msg: "Playbook requires host to be set" +    when: host is not defined or host == '' + +- name: Restart openshift/docker (and monitoring containers) +  hosts: oo_version_3:&oo_name_{{ host }} +  gather_facts: false +  user: root + +  tasks: +  - name: stop openshift/docker +    service: +      name: "{{ item }}" +      state: stopped +    with_items: +    - atomic-openshift-node +    - docker + +  - name: restart openvswitch +    service: +      name: openvswitch +      state: restarted + +  - name: wait 5 sec +    pause: +      seconds: 5 + +  - name: start openshift/docker +    service: +      name: "{{ item }}" +      state: started +    with_items: +    - atomic-openshift-node +    - docker + +  - name: start monitoring containers +    service: +      name: "{{ item }}" +      state: restarted +    with_items: +    - oso-f22-host-monitoring +    - oso-rhel7-zagg-client diff --git a/playbooks/adhoc/setupnfs.yml b/playbooks/adhoc/setupnfs.yml new file mode 100644 index 000000000..5f3631fcf --- /dev/null +++ b/playbooks/adhoc/setupnfs.yml @@ -0,0 +1,21 @@ +--- +### This playbook is old and we are currently not using NFS. +- hosts: tag_Name_nfs-v3-stg +  sudo: no +  remote_user: root +  gather_facts: no +  roles: +  - role: openshift_storage_nfs_lvm +    mount_dir: /exports/stg-black +    volume_prefix: "kwoodsontest" +    volume_size: 5 +    volume_num_start: 222 +    number_of_volumes: 3 +  tasks: +  - fetch: +    dest: json/ +    src: /root/"{{ item }}" +  with_items: +  - persistent-volume.kwoodsontest5g0222.json +  - persistent-volume.kwoodsontest5g0223.json +  - persistent-volume.kwoodsontest5g0224.json diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml index 9161076e5..ac20f5f9b 100644 --- a/playbooks/adhoc/uninstall.yml +++ b/playbooks/adhoc/uninstall.yml @@ -19,15 +19,19 @@        failed_when: false        register: ostree_output +      # Since we're not calling openshift_facts we'll do this for now      - set_fact:          is_atomic: "{{ ostree_output.rc == 0 }}" +    - set_fact: +        is_containerized: "{{ is_atomic or containerized | default(false) | bool }}"      - name: Remove br0 interface        shell: ovs-vsctl del-br br0        changed_when: False        failed_when: False -    - service: name={{ item }} state=stopped +    - name: Stop services +      service: name={{ item }} state=stopped        with_items:          - atomic-enterprise-master          - atomic-enterprise-node @@ -36,6 +40,7 @@          - atomic-openshift-master-controllers          - atomic-openshift-node          - etcd +        - haproxy          - openshift-master          - openshift-master-api          - openshift-master-controllers @@ -46,8 +51,10 @@          - origin-master-controllers          - origin-node          - pcsd +      failed_when: false -    - action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent" +    - name: Remove packages +      action: "{{ ansible_pkg_mgr }} name={{ item }} state=absent"        when: not is_atomic | bool        with_items:          - atomic-enterprise @@ -61,6 +68,7 @@          - atomic-openshift-sdn-ovs          - corosync          - etcd +        - haproxy          - openshift          - openshift-master          - openshift-node @@ -132,14 +140,26 @@        with_items:          - registry\.access\..*redhat\.com/openshift3          - registry\.access\..*redhat\.com/aep3 +        - registry\.access\..*redhat\.com/rhel7/etcd          - docker.io/openshift      - shell:  "docker rmi -f {{ item.stdout_lines | join(' ') }}"        changed_when: False        failed_when: False        with_items: "{{ images_to_delete.results }}" +     +    - name: Remove sdn drop files +      file:  +        path: /run/openshift-sdn +        state: absent +         +    - name: restart docker +      service: +        name: docker +        state: restarted -    - file: path={{ item }} state=absent +    - name: Remove remaining files +      file: path={{ item }} state=absent        with_items:          - "~{{ ansible_ssh_user }}/.kube"          - /etc/ansible/facts.d/openshift.fact @@ -149,7 +169,15 @@          - /etc/openshift          - /etc/openshift-sdn          - /etc/origin +        - /etc/systemd/system/atomic-openshift-master.service +        - /etc/systemd/system/atomic-openshift-master-api.service +        - /etc/systemd/system/atomic-openshift-master-controllers.service +        - /etc/systemd/system/atomic-openshift-node.service +        - /etc/systemd/system/etcd_container.service +        - /etc/systemd/system/openvswitch.service          - /etc/sysconfig/atomic-enterprise-master +        - /etc/sysconfig/atomic-enterprise-master-api +        - /etc/sysconfig/atomic-enterprise-master-controllers          - /etc/sysconfig/atomic-enterprise-node          - /etc/sysconfig/atomic-openshift-master          - /etc/sysconfig/atomic-openshift-master-api diff --git a/playbooks/aws/openshift-cluster/cluster_hosts.yml b/playbooks/aws/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..d6b413c6f --- /dev/null +++ b/playbooks/aws/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts:   "{{ (groups['tag_host-type_node']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts:    "{{ (groups['tag_host-type_nfs']|default([])) +                   | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts:    "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) +                    | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 50fe42d6c..abdb23d78 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml @@ -1,26 +1,14 @@  --- -- hosts: localhost -  gather_facts: no -  connection: local -  become: no -  vars_files: -  - vars.yml -  tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" -  - include: ../../common/openshift-cluster/config.yml +  vars_files: +  - ../../aws/openshift-cluster/vars.yml +  - ../../aws/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([]))     | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_node_hosts:   "{{ (groups['tag_host-type_node']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_ssh_user:     "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo:         "{{ deployment_vars[deployment_type].sudo }}"      g_nodeonmaster: true      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}"      openshift_hostname: "{{ ec2_private_ip_address }}"      openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml index 8341ba9c1..8b41a355e 100644 --- a/playbooks/aws/openshift-cluster/list.yml +++ b/playbooks/aws/openshift-cluster/list.yml @@ -7,7 +7,7 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env_{{ cluster_id }} +  - set_fact: scratch_group=tag_clusterid_{{ cluster_id }}      when: cluster_id != ''    - set_fact: scratch_group=all      when: cluster_id == '' diff --git a/playbooks/aws/openshift-cluster/scaleup.yml b/playbooks/aws/openshift-cluster/scaleup.yml index 9c9118286..c2135cd03 100644 --- a/playbooks/aws/openshift-cluster/scaleup.yml +++ b/playbooks/aws/openshift-cluster/scaleup.yml @@ -7,9 +7,6 @@    vars_files:    - vars.yml    tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}"    - name: Evaluate oo_hosts_to_update      add_host:        name: "{{ item }}" @@ -21,16 +18,16 @@  - include: ../../common/openshift-cluster/update_repos_and_packages.yml  - include: ../../common/openshift-cluster/scaleup.yml +  vars_files: +  - ../../aws/openshift-cluster/vars.yml +  - ../../aws/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([]))     | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}"      g_new_node_hosts: "{{ groups.nodes_to_add }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo: "{{ deployment_vars[deployment_type].sudo }}"      g_nodeonmaster: true      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}"      openshift_hostname: "{{ ec2_private_ip_address }}"      openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/service.yml b/playbooks/aws/openshift-cluster/service.yml index ce0992a45..d5f7d6b19 100644 --- a/playbooks/aws/openshift-cluster/service.yml +++ b/playbooks/aws/openshift-cluster/service.yml @@ -6,6 +6,7 @@    gather_facts: no    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - fail: msg="cluster_id is required to be injected in this playbook"      when: cluster_id is not defined @@ -16,7 +17,7 @@        groups: g_service_masters        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts | default([]) }}" +    with_items: "{{ master_hosts | default([]) }}"    - name: Evaluate g_service_nodes      add_host: @@ -24,7 +25,7 @@        groups: g_service_nodes        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_node_hosts | default([]) }}" +    with_items: "{{ node_hosts | default([]) }}"  - include: ../../common/openshift-node/service.yml  - include: ../../common/openshift-master/service.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 1fbd71a75..6090ed6fe 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml @@ -2,7 +2,8 @@  - set_fact:      created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}"      docker_vol_ephemeral: "{{ lookup('env', 'os_docker_vol_ephemeral') | default(false, true) }}" -    env: "{{ cluster }}" +    cluster: "{{ cluster_id }}" +    env: "{{ cluster_env }}"      host_type: "{{ type }}"      sub_host_type: "{{ g_sub_host_type }}" @@ -123,7 +124,8 @@      wait: yes      instance_tags:        created-by: "{{ created_by }}" -      env: "{{ env }}" +      clusterid: "{{ cluster }}" +      environment: "{{ cluster_env }}"        host-type: "{{ host_type }}"        sub-host-type: "{{ sub_host_type }}"      volumes: "{{ volumes }}" @@ -139,7 +141,8 @@        Name: "{{ item.0 }}"  - set_fact: -    instance_groups: "tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}" +    instance_groups: "tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }}, tag_environment_{{ cluster_env }}, +                    tag_host-type_{{ host_type }}, tag_sub-host-type_{{ sub_host_type }}"  - set_fact:      node_label: diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index aafd40c43..4b9c80b14 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env_{{ cluster_id }}    - add_host:        name: "{{ item }}"        groups: oo_hosts_to_terminate        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: groups[scratch_group] | default([]) | difference(['localhost']) +    with_items: (groups['tag_clusterid_' ~ cluster_id] | default([])) | difference(['localhost'])  - name: Unsubscribe VMs    hosts: oo_hosts_to_terminate @@ -29,34 +28,35 @@    connection: local    become: no    gather_facts: no -  vars: -    host_vars: "{{ hostvars -                   | oo_select_keys(groups['oo_hosts_to_terminate']) }}"    tasks:      - name: Remove tags from instances -      ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent -      args: +      ec2_tag: +        resource: "{{ hostvars[item]['ec2_id'] }}" +        region: "{{ hostvars[item]['ec2_region'] }}" +        state: absent          tags: -          env: "{{ item['ec2_tag_env'] }}" -          host-type: "{{ item['ec2_tag_host-type'] }}" -          sub_host_type: "{{ item['ec2_tag_sub-host-type'] }}" -      with_items: host_vars +          environment:   "{{ hostvars[item]['ec2_tag_environment'] }}" +          clusterid:     "{{ hostvars[item]['ec2_tag_clusterid'] }}" +          host-type:     "{{ hostvars[item]['ec2_tag_host-type'] }}" +          sub_host_type: "{{ hostvars[item]['ec2_tag_sub-host-type'] }}" +      with_items: groups.oo_hosts_to_terminate        when: "'oo_hosts_to_terminate' in groups"      - name: Terminate instances        ec2:          state: absent -        instance_ids: ["{{ item.ec2_id }}"] -        region: "{{ item.ec2_region }}" +        instance_ids: ["{{ hostvars[item].ec2_id }}"] +        region: "{{ hostvars[item].ec2_region }}"        ignore_errors: yes        register: ec2_term -      with_items: host_vars +      with_items: groups.oo_hosts_to_terminate        when: "'oo_hosts_to_terminate' in groups"      # Fail if any of the instances failed to terminate with an error other      # than 403 Forbidden -    - fail: msg=Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }} -      when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" +    - fail: +        msg: "Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }}" +      when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed"        with_items: ec2_term.results      - name: Stop instance if termination failed @@ -65,7 +65,7 @@          instance_ids: ["{{ item.item.ec2_id }}"]          region: "{{ item.item.ec2_region }}"        register: ec2_stop -      when: "'oo_hosts_to_terminate' in groups and item.failed" +      when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed"        with_items: ec2_term.results      - name: Rename stopped instances diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml index 3df0c3f3a..32bab76b5 100644 --- a/playbooks/aws/openshift-cluster/update.yml +++ b/playbooks/aws/openshift-cluster/update.yml @@ -4,13 +4,9 @@    connection: local    become: no    gather_facts: no -  vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_node_hosts:   "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}"    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Update - Evaluate oo_hosts_to_update      add_host: @@ -18,7 +14,7 @@        groups: oo_hosts_to_update        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" +    with_items: "{{ g_all_hosts | default([]) }}"  - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 20cc97c8a..11026e38d 100644 --- a/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -2,32 +2,16 @@  # This playbook upgrades an existing AWS cluster, leaving nodes untouched if used with an 'online' deployment type.  # Usage:  #  ansible-playbook playbooks/aws/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml -e deployment_type=online -e cluster_id=<cluster_id> -- hosts: localhost -  gather_facts: no -  vars_files: -  - ../../vars.yml -  - "../../vars.{{ deployment_type }}.{{ cluster_id }}.yml" - -  tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - -  - set_fact: -      tmp_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" -    when: deployment_type != 'online' -  - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +  vars_files: +  - "{{lookup('file', '../../../../aws/openshift-cluster/vars.yml')}}" +  - "{{lookup('file', '../../../../aws/openshift-cluster/cluster_hosts.yml')}}"    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([]))     | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_node_hosts:   "{{ (groups['tag_host-type_node']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo: "{{ deployment_vars[deployment_type].sudo }}"      g_nodeonmaster: true      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}"      openshift_hostname: "{{ ec2_private_ip_address }}"      openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index 95bc4b3e2..ae12286bd 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml @@ -1,8 +1,23 @@  --- +debug_level: 2 + +deployment_rhel7_ent_base: +  # rhel-7.1, requires cloud access subscription +  image: ami-10663b78 +  image_name: +  region: us-east-1 +  ssh_user: ec2-user +  sudo: yes +  keypair: libra +  type: m4.large +  security_groups: [ 'public' ] +  vpc_subnet: +  assign_public_ip: +  deployment_vars:    origin:      # centos-7, requires marketplace -    image: ami-96a818fe +    image: ami-61bbf104      image_name:      region: us-east-1      ssh_user: centos @@ -24,15 +39,6 @@ deployment_vars:      security_groups: [ 'public' ]      vpc_subnet:      assign_public_ip: -  enterprise: -    # rhel-7.1, requires cloud access subscription -    image: ami-10663b78 -    image_name: -    region: us-east-1 -    ssh_user: ec2-user -    sudo: yes -    keypair: libra -    type: m4.large -    security_groups: [ 'public' ] -    vpc_subnet: -    assign_public_ip: +  enterprise: "{{ deployment_rhel7_ent_base }}" +  openshift-enterprise: "{{ deployment_rhel7_ent_base }}" +  atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/byo/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..e093b2580 --- /dev/null +++ b/playbooks/byo/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,13 @@ +--- +g_etcd_hosts:   "{{ groups.etcd | default([]) }}" + +g_lb_hosts:     "{{ groups.lb | default([]) }}" + +g_master_hosts: "{{ groups.masters | default([]) }}" + +g_node_hosts:   "{{ groups.nodes | default([]) }}" + +g_nfs_hosts:   "{{ groups.nfs | default([]) }}" + +g_all_hosts:    "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) +                    | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/byo/openshift-cluster/config.yml b/playbooks/byo/openshift-cluster/config.yml index ba8fe0a52..5887b3208 100644 --- a/playbooks/byo/openshift-cluster/config.yml +++ b/playbooks/byo/openshift-cluster/config.yml @@ -1,10 +1,8 @@  ---  - include: ../../common/openshift-cluster/config.yml +  vars_files: +  - ../../byo/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts: "{{ groups.etcd | default([]) }}" -    g_master_hosts: "{{ groups.masters | default([]) }}" -    g_node_hosts: "{{ groups.nodes | default([]) }}" -    g_lb_hosts: "{{ groups.lb | default([]) }}"      openshift_cluster_id: "{{ cluster_id | default('default') }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level | default(2) }}"      openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/scaleup.yml b/playbooks/byo/openshift-cluster/scaleup.yml index 8f8ef6f21..1702690f6 100644 --- a/playbooks/byo/openshift-cluster/scaleup.yml +++ b/playbooks/byo/openshift-cluster/scaleup.yml @@ -1,10 +1,8 @@  ---  - include: ../../common/openshift-cluster/scaleup.yml +  vars_files: +  - ../../byo/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts: "{{ groups.etcd | default([]) }}" -    g_master_hosts: "{{ groups.masters | default([]) }}" -    g_new_node_hosts: "{{ groups.new_nodes | default([]) }}" -    g_lb_hosts: "{{ groups.lb | default([]) }}"      openshift_cluster_id: "{{ cluster_id | default('default') }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level | default(2) }}"      openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/README.md b/playbooks/byo/openshift-cluster/upgrades/README.md index ce7aebf8e..ca01dbc9d 100644 --- a/playbooks/byo/openshift-cluster/upgrades/README.md +++ b/playbooks/byo/openshift-cluster/upgrades/README.md @@ -1,6 +1,6 @@  # Upgrade playbooks  The playbooks provided in this directory can be used for upgrading an existing -environment. Additional notes for the associated upgrade playbooks are +cluster. Additional notes for the associated upgrade playbooks are  provided in their respective directories.  # Upgrades available diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml index 56e79e8c2..b52456dcd 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_minor/upgrade.yml @@ -1,8 +1,11 @@  ---  - include: ../../../../common/openshift-cluster/upgrades/v3_0_minor/upgrade.yml +  vars_files: +  - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"    vars:      g_etcd_hosts: "{{ groups.etcd | default([]) }}"      g_master_hosts: "{{ groups.masters | default([]) }}" +    g_nfs_hosts: "{{ groups.nfs | default([]) }}"      g_node_hosts: "{{ groups.nodes | default([]) }}"      g_lb_hosts: "{{ groups.lb | default([]) }}"      openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index b4b4f3ec0..e07e2b88e 100644 --- a/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/byo/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -1,8 +1,11 @@  ---  - include: ../../../../common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +  vars_files: +  - "{{lookup('file', '../../../../byo/openshift-cluster/cluster_hosts.yml')}}"    vars:      g_etcd_hosts: "{{ groups.etcd | default([]) }}"      g_master_hosts: "{{ groups.masters | default([]) }}" +    g_nfs_hosts: "{{ groups.nfs | default([]) }}"      g_node_hosts: "{{ groups.nodes | default([]) }}"      g_lb_hosts: "{{ groups.lb | default([]) }}"      openshift_cluster_id: "{{ cluster_id | default('default') }}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 482fa8441..11e5b68f6 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -1,8 +1,12 @@  ---  - include: evaluate_groups.yml +- include: ../openshift-docker/config.yml +  - include: ../openshift-etcd/config.yml +- include: ../openshift-nfs/config.yml +  - include: ../openshift-master/config.yml  - include: ../openshift-node/config.yml diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index 6343a2567..db7105ed5 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -21,6 +21,14 @@        msg: This playbook requires g_lb_hosts to be set      when: g_lb_hosts is not defined +  - fail: +      msg: This playbook requires g_nfs_hosts to be set +    when: g_nfs_hosts is not defined + +  - fail: +      msg: The nfs group must be limited to one host +    when: (groups[g_nfs_hosts] | default([])) | length > 1 +    - name: Evaluate oo_etcd_to_config      add_host:        name: "{{ item }}" @@ -81,3 +89,11 @@        ansible_ssh_user: "{{ g_ssh_user | default(omit) }}"        ansible_sudo: "{{ g_sudo | default(omit) }}"      with_items: "{{ g_lb_hosts | default([]) }}" + +  - name: Evaluate oo_nfs_to_config +    add_host: +      name: "{{ item }}" +      groups: oo_nfs_to_config +      ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" +      ansible_sudo: "{{ g_sudo | default(omit) }}" +    with_items: "{{ g_nfs_hosts | default([]) }}" diff --git a/playbooks/common/openshift-cluster/update_repos_and_packages.yml b/playbooks/common/openshift-cluster/update_repos_and_packages.yml index 190e2d862..88736ee03 100644 --- a/playbooks/common/openshift-cluster/update_repos_and_packages.yml +++ b/playbooks/common/openshift-cluster/update_repos_and_packages.yml @@ -4,9 +4,10 @@      openshift_deployment_type: "{{ deployment_type }}"    roles:    - role: rhel_subscribe -    when: deployment_type == "enterprise" and +    when: deployment_type in ["enterprise", "atomic-enterprise", "openshift-enterprise"] and            ansible_distribution == "RedHat" and            lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) |              default('no', True) | lower in ['no', 'false'] +          and not openshift.common.is_atomic | bool    - openshift_repos    - os_update_latest diff --git a/playbooks/common/openshift-cluster/upgrades/files/versions.sh b/playbooks/common/openshift-cluster/upgrades/files/versions.sh index c7c966b60..b46407ed7 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/versions.sh +++ b/playbooks/common/openshift-cluster/upgrades/files/versions.sh @@ -1,9 +1,8 @@  #!/bin/bash -yum_installed=$(yum list installed "$@" 2>&1 | tail -n +2 | grep -v 'Installed Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') - -yum_available=$(yum list available -q "$@" 2>&1 | tail -n +2 | grep -v 'Available Packages' | grep -v 'Red Hat Subscription Management' | grep -v 'el7ose' | grep -v 'Error:' | awk '{ print $2 }' | tr '\n' ' ') +yum_installed=$(yum list installed -e 0 -q "$@" 2>&1 | tail -n +2 | awk '{ print $2 }' | tr '\n' ' ') +yum_available=$(yum list available -e 0 -q "$@" 2>&1 | tail -n +2 | grep -v 'el7ose' | awk '{ print $2 }' | tr '\n' ' ')  echo "---"  echo "curr_version: ${yum_installed}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index fc098b4ed..68df2153d 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -29,6 +29,7 @@    hosts: oo_first_master    vars:      openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" +    target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}"    gather_facts: no    tasks:    # Pacemaker is currently the only supported upgrade path for multiple masters @@ -45,8 +46,8 @@    - fail:        msg: >          openshift_pkg_version is {{ openshift_pkg_version }} which is not a -        valid version for a 3.1 upgrade -    when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare('3.0.2.900','<') +        valid version for a {{ target_version }} upgrade +    when: openshift_pkg_version is defined and openshift_pkg_version.split('-',1).1 | version_compare(target_version ,'<')    # If this script errors out ansible will show the default stdout/stderr    # which contains details for the user: @@ -55,6 +56,8 @@  - name: Verify upgrade can proceed    hosts: oo_masters_to_config:oo_nodes_to_config +  vars: +    target_version: "{{ '1.1' if deployment_type == 'origin' else '3.1' }}"    tasks:    - name: Clean package cache      command: "{{ ansible_pkg_mgr }} clean all" @@ -77,8 +80,8 @@      when: deployment_type == 'origin' and g_aos_versions.curr_version | version_compare('1.0.6','<')    - fail: -      msg: Atomic OpenShift 3.1 packages not found -    when: g_aos_versions.curr_version | version_compare('3.0.2.900','<') and (g_aos_versions.avail_version is none or g_aos_versions.avail_version | version_compare('3.0.2.900','<')) +      msg: Upgrade packages not found +    when: (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<'))    - set_fact:        pre_upgrade_complete: True @@ -235,6 +238,7 @@    - name: Ensure python-yaml present for config upgrade      action: "{{ ansible_pkg_mgr }} name=PyYAML state=present" +    when: not openshift.common.is_atomic | bool    - name: Upgrade master configuration      openshift_upgrade_config: diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml new file mode 100644 index 000000000..092d5533c --- /dev/null +++ b/playbooks/common/openshift-docker/config.yml @@ -0,0 +1,9 @@ +- name: Configure docker hosts +  hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config +  vars: +    docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}" +    docker_insecure_registries: "{{ lookup('oo_option',  'docker_insecure_registries') | oo_split }}" +    docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" +  roles: +  - openshift_facts +  - openshift_docker diff --git a/playbooks/common/openshift-docker/filter_plugins b/playbooks/common/openshift-docker/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-docker/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/lookup_plugins b/playbooks/common/openshift-docker/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-docker/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/roles b/playbooks/common/openshift-docker/roles new file mode 120000 index 000000000..20c4c58cf --- /dev/null +++ b/playbooks/common/openshift-docker/roles @@ -0,0 +1 @@ +../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 6dee196e3..9a5ae0e6b 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -14,7 +14,8 @@            public_hostname: "{{ openshift_public_hostname | default(None) }}"            deployment_type: "{{ openshift_deployment_type }}"        - role: etcd -        local_facts: {} +        local_facts: +          etcd_image: "{{ osm_etcd_image | default(None) }}"    - name: Check status of etcd certificates      stat:        path: "{{ item }}" @@ -88,6 +89,7 @@    roles:    - etcd    - role: nickhammond.logrotate +    when: not openshift.common.is_containerized | bool  - name: Delete temporary directory on localhost    hosts: localhost diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index dd638487a..677c274c4 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -232,31 +232,36 @@        balance: source        servers: "{{ hostvars.localhost.haproxy_backend_servers }}"    roles: +  - role: openshift_facts    - role: haproxy      when: groups.oo_masters_to_config | length > 1 -- name: Generate master session keys +- name: Check for cached session secrets +  hosts: oo_first_master +  roles: +  - role: openshift_facts +  post_tasks: +  - openshift_facts: +      role: master +      local_facts: +          session_auth_secrets: "{{ openshift_master_session_auth_secrets | default(openshift.master.session_auth_secrets | default(None)) }}" +          session_encryption_secrets: "{{ openshift_master_session_encryption_secrets | default(openshift.master.session_encryption_secrets | default(None)) }}" + +- name: Generate master session secrets    hosts: oo_first_master +  vars: +    g_session_secrets_present: "{{ (openshift.master.session_auth_secrets | default([]) and openshift.master.session_encryption_secrets | default([])) | length > 0 }}" +    g_session_auth_secrets: "{{ [ 24 | oo_generate_secret ] }}" +    g_session_encryption_secrets: "{{ [ 24 | oo_generate_secret ] }}" +  roles: +  - role: openshift_facts    tasks: -  - fail: -      msg: "Both openshift_master_session_auth_secrets and openshift_master_session_encryption_secrets must be provided if either variable is set" -    when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is not defined) or (openshift_master_session_encryption_secrets is defined and openshift_master_session_auth_secrets is not defined) -  - fail: -      msg: "openshift_master_session_auth_secrets and openshift_master_encryption_secrets must be equal length" -    when: (openshift_master_session_auth_secrets is defined and openshift_master_session_encryption_secrets is defined) and (openshift_master_session_auth_secrets | length != openshift_master_session_encryption_secrets | length) -  - name: Install OpenSSL package -    action: "{{ ansible_pkg_mgr }} name=openssl state=present" -  - name: Generate session authentication key -    command: /usr/bin/openssl rand -base64 24 -    register: session_auth_output -    when: openshift_master_session_auth_secrets is undefined -  - name: Generate session encryption key -    command: /usr/bin/openssl rand -base64 24 -    register: session_encryption_output -    when: openshift_master_session_encryption_secrets is undefined -  - set_fact: -      session_auth_secret: "{{ openshift_master_session_auth_secrets | default([session_auth_output.stdout]) }}" -      session_encryption_secret: "{{ openshift_master_session_encryption_secrets | default([session_encryption_output.stdout]) }}" +  - openshift_facts: +      role: master +      local_facts: +        session_auth_secrets: "{{ g_session_auth_secrets }}" +        session_encryption_secrets: "{{ g_session_encryption_secrets }}" +    when: not g_session_secrets_present | bool  - name: Parse named certificates    hosts: localhost @@ -312,8 +317,8 @@      sync_tmpdir: "{{ hostvars.localhost.g_master_mktemp.stdout }}"      openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}"      openshift_master_count: "{{ groups.oo_masters_to_config | length }}" -    openshift_master_session_auth_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_auth_secret'] }}" -    openshift_master_session_encryption_secrets: "{{ hostvars[groups['oo_first_master'][0]]['session_encryption_secret'] }}" +    openshift_master_session_auth_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_auth_secrets }}" +    openshift_master_session_encryption_secrets: "{{ hostvars[groups.oo_first_master.0].openshift.master.session_encryption_secrets }}"    pre_tasks:    - name: Ensure certificate directory exists      file: @@ -328,6 +333,7 @@    roles:    - openshift_master    - role: nickhammond.logrotate +    when: not openshift.common.is_containerized | bool    - role: fluentd_master      when: openshift.common.use_fluentd | bool    post_tasks: @@ -356,7 +362,7 @@      cockpit_plugins: "{{ osm_cockpit_plugins | default(['cockpit-kubernetes']) }}"    roles:    - role: cockpit -    when: ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and +    when: not openshift.common.is_containerized and ( deployment_type in ['atomic-enterprise','openshift-enterprise'] ) and        (osm_use_cockpit | bool or osm_use_cockpit is undefined )  - name: Configure flannel @@ -394,7 +400,15 @@  - name: Create services    hosts: oo_first_master +  vars: +    attach_registry_volume: "{{ groups.oo_nfs_to_config | length > 0 }}" +  pre_tasks: +  - set_fact: +      nfs_host: "{{ groups.oo_nfs_to_config.0 }}" +      registry_volume_path: "{{ hostvars[groups.oo_nfs_to_config.0].openshift.nfs.exports_dir + '/' + hostvars[groups.oo_nfs_to_config.0].openshift.nfs.registry_volume }}" +    when: attach_registry_volume | bool    roles:    - role: openshift_router      when: openshift.master.infra_nodes is defined -  #- role: openshift_registry +  - role: openshift_registry +    when: openshift.master.infra_nodes is defined and attach_registry_volume | bool diff --git a/playbooks/common/openshift-nfs/config.yml b/playbooks/common/openshift-nfs/config.yml new file mode 100644 index 000000000..e3f5c17ca --- /dev/null +++ b/playbooks/common/openshift-nfs/config.yml @@ -0,0 +1,5 @@ +--- +- name: Configure nfs hosts +  hosts: oo_nfs_to_config +  roles: +  - role: openshift_storage_nfs diff --git a/playbooks/common/openshift-nfs/filter_plugins b/playbooks/common/openshift-nfs/filter_plugins new file mode 120000 index 000000000..99a95e4ca --- /dev/null +++ b/playbooks/common/openshift-nfs/filter_plugins @@ -0,0 +1 @@ +../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/lookup_plugins b/playbooks/common/openshift-nfs/lookup_plugins new file mode 120000 index 000000000..ac79701db --- /dev/null +++ b/playbooks/common/openshift-nfs/lookup_plugins @@ -0,0 +1 @@ +../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/roles b/playbooks/common/openshift-nfs/roles new file mode 120000 index 000000000..e2b799b9d --- /dev/null +++ b/playbooks/common/openshift-nfs/roles @@ -0,0 +1 @@ +../../../roles/
\ No newline at end of file diff --git a/playbooks/common/openshift-nfs/service.yml b/playbooks/common/openshift-nfs/service.yml new file mode 100644 index 000000000..20c8ca248 --- /dev/null +++ b/playbooks/common/openshift-nfs/service.yml @@ -0,0 +1,18 @@ +--- +- name: Populate g_service_nfs host group if needed +  hosts: localhost +  gather_facts: no +  tasks: +  - fail: msg="new_cluster_state is required to be injected in this playbook" +    when: new_cluster_state is not defined + +  - name: Evaluate g_service_nfs +    add_host: name={{ item }} groups=g_service_nfs +    with_items: oo_host_group_exp | default([]) + +- name: Change state on nfs instance(s) +  hosts: g_service_nfs +  connection: ssh +  gather_facts: no +  tasks: +    - service: name=nfs-server state="{{ new_cluster_state }}" diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index 69ccb0cb8..483a7768c 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -16,6 +16,7 @@            hostname: "{{ openshift_hostname | default(None) }}"            public_hostname: "{{ openshift_public_hostname | default(None) }}"            deployment_type: "{{ openshift_deployment_type }}" +          use_flannel: "{{ openshift_use_flannel | default(None) }}"        - role: node          local_facts:            labels: "{{ openshift_node_labels | default(None) }}" @@ -181,6 +182,7 @@    - role: flannel      when: openshift.common.use_flannel | bool    - role: nickhammond.logrotate +    when: not openshift.common.is_containerized | bool    - role: fluentd_node      when: openshift.common.use_fluentd | bool    tasks: diff --git a/playbooks/gce/openshift-cluster/cluster_hosts.yml b/playbooks/gce/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..2bfcedfc9 --- /dev/null +++ b/playbooks/gce/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts:   "{{ (groups['tag_host-type-node']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts:    "{{ (groups['tag_host-type-nfs']|default([])) +                   | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts:    "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) +                    | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/gce/openshift-cluster/config.yml b/playbooks/gce/openshift-cluster/config.yml index 5bf98c2d5..3231ecc8e 100644 --- a/playbooks/gce/openshift-cluster/config.yml +++ b/playbooks/gce/openshift-cluster/config.yml @@ -1,32 +1,16 @@  ---  # TODO: fix firewall related bug with GCE and origin, since GCE is overriding  # /etc/sysconfig/iptables - -- hosts: localhost -  gather_facts: no -  connection: local -  become: no -  vars_files: -  - vars.yml -  tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" -      use_sdn: "{{ do_we_use_openshift_sdn }}" -      sdn_plugin: "{{ sdn_network_plugin }}" -  - include: ../../common/openshift-cluster/config.yml +  vars_files: +  - ../../gce/openshift-cluster/vars.yml +  - ../../gce/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([]))   | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([]))     | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_node_hosts:   "{{ (groups['tag_host-type-node']|default([]))   | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo: "{{ deployment_vars[deployment_type].sudo }}"      g_nodeonmaster: true      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}"      openshift_hostname: "{{ gce_private_ip }}" -    openshift_use_openshift_sdn: "{{ hostvars.localhost.use_sdn  }}" -    os_sdn_network_plugin_name: "{{ hostvars.localhost.sdn_plugin }}" +    openshift_use_openshift_sdn: "{{ do_we_use_openshift_sdn }}" diff --git a/playbooks/gce/openshift-cluster/join_node.yml b/playbooks/gce/openshift-cluster/join_node.yml index ab593b897..acf5e5110 100644 --- a/playbooks/gce/openshift-cluster/join_node.yml +++ b/playbooks/gce/openshift-cluster/join_node.yml @@ -4,13 +4,9 @@    connection: local    become: no    gather_facts: no -  vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_node_hosts:   "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}"    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Evaluate oo_hosts_to_update      add_host: @@ -28,6 +24,7 @@    gather_facts: no    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Evaluate oo_nodes_to_config      add_host: @@ -38,11 +35,11 @@    - name: Evaluate oo_first_master      add_host: -      name: "{{ g_master_hosts | first }}" +      name: "{{ master_hosts | first }}"        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}"        groups: oo_first_master -    when: g_master_hosts is defined and g_master_hosts|length > 0 +    when: master_hosts is defined and master_hosts|length > 0  #- include: config.yml  - include: ../../common/openshift-node/config.yml diff --git a/playbooks/gce/openshift-cluster/list.yml b/playbooks/gce/openshift-cluster/list.yml index b9ff89c79..e67685912 100644 --- a/playbooks/gce/openshift-cluster/list.yml +++ b/playbooks/gce/openshift-cluster/list.yml @@ -7,7 +7,7 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env-{{ cluster_id }} +  - set_fact: scratch_group=tag_clusterid-{{ cluster_id }}      when: cluster_id != ''    - set_fact: scratch_group=all      when: cluster_id == '' diff --git a/playbooks/gce/openshift-cluster/service.yml b/playbooks/gce/openshift-cluster/service.yml index 337ba7e44..8925de4cb 100644 --- a/playbooks/gce/openshift-cluster/service.yml +++ b/playbooks/gce/openshift-cluster/service.yml @@ -6,6 +6,7 @@    gather_facts: no    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - fail: msg="cluster_id is required to be injected in this playbook"      when: cluster_id is not defined @@ -15,14 +16,14 @@        groups: g_service_nodes        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" +    with_items: "{{ node_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"    - add_host:        name: "{{ item }}"        groups: g_service_masters        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}" +    with_items: "{{ master_hosts | default([]) | difference(['localhost']) | difference(groups.status_terminated) }}"  - include: ../../common/openshift-node/service.yml  - include: ../../common/openshift-master/service.yml diff --git a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml index 2360a3263..488b62eb9 100644 --- a/playbooks/gce/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/gce/openshift-cluster/tasks/launch_instances.yml @@ -16,7 +16,8 @@      #service_account_permissions: "datastore,logging-write"      tags:        - created-by-{{ lookup('env', 'LOGNAME') |default(cluster, true) }} -      - env-{{ cluster }} +      - environment-{{ cluster_env }} +      - clusterid-{{ cluster_id }}        - host-type-{{ type }}        - sub-host-type-{{ g_sub_host_type }}    when: instances |length > 0 diff --git a/playbooks/gce/openshift-cluster/terminate.yml b/playbooks/gce/openshift-cluster/terminate.yml index f4e89983b..faa46c0d6 100644 --- a/playbooks/gce/openshift-cluster/terminate.yml +++ b/playbooks/gce/openshift-cluster/terminate.yml @@ -7,13 +7,12 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env-{{ cluster_id }}    - add_host:        name: "{{ item }}"        groups: oo_hosts_to_terminate        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: groups[scratch_group] | default([], true) | difference(['localhost']) | difference(groups.status_terminated | default([], true)) +    with_items: (groups['tag_clusterid-' ~ cluster_id] | default([])) | difference(['localhost'])  - name: Unsubscribe VMs    hosts: oo_hosts_to_terminate diff --git a/playbooks/gce/openshift-cluster/update.yml b/playbooks/gce/openshift-cluster/update.yml index d60662397..dadceae58 100644 --- a/playbooks/gce/openshift-cluster/update.yml +++ b/playbooks/gce/openshift-cluster/update.yml @@ -1,16 +1,12 @@  ---  - name: Populate oo_hosts_to_update group    hosts: localhost -  become: no    connection: local +  become: no    gather_facts: no -  vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_node_hosts:   "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}"    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Evaluate oo_hosts_to_update      add_host: @@ -18,7 +14,7 @@        groups: oo_hosts_to_update        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user | default(ansible_ssh_user, true) }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" +    with_items: "{{ g_all_hosts | default([]) }}"  - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/gce/openshift-cluster/vars.yml b/playbooks/gce/openshift-cluster/vars.yml index a8ce8eb22..7fb13c7a6 100644 --- a/playbooks/gce/openshift-cluster/vars.yml +++ b/playbooks/gce/openshift-cluster/vars.yml @@ -1,7 +1,15 @@  ---  do_we_use_openshift_sdn: true -sdn_network_plugin: redhat/openshift-ovs-subnet  +sdn_network_plugin: redhat/openshift-ovs-subnet +debug_level: 2  # os_sdn_network_plugin_name can be ovssubnet or multitenant, see https://docs.openshift.org/latest/architecture/additional_concepts/sdn.html#ovssubnet-plugin-operation + +deployment_rhel7_ent_base: +  image: rhel-7 +  machine_type: n1-standard-1 +  ssh_user: +  sudo: yes +  deployment_vars:    origin:      image: preinstalled-slave-50g-v5 @@ -13,8 +21,6 @@ deployment_vars:      machine_type: n1-standard-1      ssh_user: root      sudo: no -  enterprise: -    image: rhel-7 -    machine_type: n1-standard-1 -    ssh_user: -    sudo: yes +  enterprise: "{{ deployment_rhel7_ent_base }}" +  openshift-enterprise: "{{ deployment_rhel7_ent_base }}" +  atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/libvirt/openshift-cluster/cluster_hosts.yml b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..198a3e4e2 --- /dev/null +++ b/playbooks/libvirt/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) +                     | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_node_hosts:   "{{ (groups['tag_host-type-node']|default([])) +                   | intersect((groups['tag_clusterid-' ~ cluster_id]|default([]))) +                   | intersect((groups['tag_environment-' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts:    "{{ (groups['tag_host-type-node']|default([])) +                   | intersect((groups['tag_environment-' ~ cluster_id]|default([]))) }}" + +g_all_hosts:    "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) +                    | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/libvirt/openshift-cluster/config.yml b/playbooks/libvirt/openshift-cluster/config.yml index b84bde084..be9cbbfaa 100644 --- a/playbooks/libvirt/openshift-cluster/config.yml +++ b/playbooks/libvirt/openshift-cluster/config.yml @@ -2,26 +2,14 @@  # TODO: need to figure out a plan for setting hostname, currently the default  # is localhost, so no hostname value (or public_hostname) value is getting  # assigned - -- hosts: localhost -  gather_facts: no -  become: no -  connection: local -  vars_files: -  - vars.yml -  tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" -  - include: ../../common/openshift-cluster/config.yml +  vars_files: +  - ../../libvirt/openshift-cluster/vars.yml +  - ../../libvirt/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([]))   | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([]))     | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_node_hosts:   "{{ (groups['tag_host-type-node']|default([]))   | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo: "{{ deployment_vars[deployment_type].sudo }}" +    g_nodeonmaster: true      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}" diff --git a/playbooks/libvirt/openshift-cluster/list.yml b/playbooks/libvirt/openshift-cluster/list.yml index d89e699f2..6cb81ee79 100644 --- a/playbooks/libvirt/openshift-cluster/list.yml +++ b/playbooks/libvirt/openshift-cluster/list.yml @@ -7,7 +7,7 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env-{{ cluster_id }} +  - set_fact: scratch_group=tag_clusterid-{{ cluster_id }}      when: cluster_id != ''    - set_fact: scratch_group=all      when: cluster_id == '' diff --git a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml index 8a67d713f..397158b9e 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/configure_libvirt_storage_pool.yml @@ -4,13 +4,17 @@      dest: "{{ libvirt_storage_pool_path }}"      state: directory +# We need to set permissions on the directory and any items created under the directory, so we need to call the acl module with and without default set.  - acl: -    default: yes +    default: "{{ item }}"      entity: kvm      etype: group      name: "{{ libvirt_storage_pool_path }}"      permissions: rwx      state: present +  with_items: +    - no +    - yes  - name: Test if libvirt storage pool for openshift already exists    command: "virsh -c {{ libvirt_uri }} pool-info {{ libvirt_storage_pool }}" diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index ae8275ef6..ff1cedc94 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -88,7 +88,7 @@      ansible_ssh_host: '{{ item.1 }}'      ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"      ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    groups: 'tag_env-{{ cluster }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}' +    groups: "tag_environment-{{ cluster_env }}, tag_host-type-{{ type }}, tag_sub-host-type-{{ g_sub_host_type }}, tag_clusterid-{{ cluster_id }}"    with_together:      - instances      - ips diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index c4ac6a434..0ca8e0974 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -3,7 +3,8 @@    <memory unit='GiB'>1</memory>    <metadata xmlns:ansible="https://github.com/ansible/ansible">      <ansible:tags> -      <ansible:tag>env-{{ cluster }}</ansible:tag> +      <ansible:tag>environment-{{ cluster_env }}</ansible:tag> +      <ansible:tag>clusterid-{{ cluster }}</ansible:tag>        <ansible:tag>host-type-{{ type }}</ansible:tag>        <ansible:tag>sub-host-type-{{ g_sub_host_type }}</ansible:tag>      </ansible:tags> diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml index a6b963608..8d845c8f2 100644 --- a/playbooks/libvirt/openshift-cluster/terminate.yml +++ b/playbooks/libvirt/openshift-cluster/terminate.yml @@ -9,7 +9,7 @@    vars_files:    - vars.yml    tasks: -  - set_fact: cluster_group=tag_env-{{ cluster_id }} +  - set_fact: cluster_group=tag_clusterid-{{ cluster_id }}    - add_host:        name: "{{ item }}"        groups: oo_hosts_to_terminate diff --git a/playbooks/libvirt/openshift-cluster/update.yml b/playbooks/libvirt/openshift-cluster/update.yml index 5e2bd3a3d..2dc540978 100644 --- a/playbooks/libvirt/openshift-cluster/update.yml +++ b/playbooks/libvirt/openshift-cluster/update.yml @@ -1,17 +1,12 @@  ---  - name: Populate oo_hosts_to_update group    hosts: localhost -  become: no    connection: local +  become: no    gather_facts: no -  vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type-etcd']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type-lb']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_master_hosts: "{{ (groups['tag_host-type-master']|default([])) | intersect(groups['tag_env-' ~ cluster_id]) }}" -    g_node_hosts:   "{{ (groups['tag_host-type-node']|default([])) | intersect((groups['tag_env-' ~ cluster_id]|default([]))) }}" -    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Evaluate oo_hosts_to_update      add_host: @@ -19,7 +14,7 @@        groups: oo_hosts_to_update        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts  | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" +    with_items: "{{ g_all_hosts | default([]) }}"  - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index 67cfbcdb8..da628786b 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -3,6 +3,20 @@ libvirt_storage_pool_path: "{{ lookup('env','HOME') }}/libvirt-storage-pool-open  libvirt_storage_pool: 'openshift-ansible'  libvirt_network: openshift-ansible  libvirt_uri: 'qemu:///system' +debug_level: 2 + +# Automatic download of the qcow2 image for RHEL cannot be done directly from the RedHat portal because it requires authentication. +# The default value of image_url for enterprise and openshift-enterprise deployment types below won't work. +deployment_rhel7_ent_base: +  image: +    url:    "{{ lookup('oo_option', 'image_url') | +                default('https://access.cdn.redhat.com//content/origin/files/sha256/25/25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0/rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" +    name:   "{{ lookup('oo_option', 'image_name') | +                default('rhel-guest-image-7.2-20151102.0.x86_64.qcow2', True) }}" +    sha256: "{{ lookup('oo_option', 'image_sha256') | +                default('25f880767ec6bf71beb532e17f1c45231640bbfdfbbb1dffb79d2c1b328388e0', True) }}" +  ssh_user: openshift +  sudo: yes  deployment_vars:    origin: @@ -24,18 +38,6 @@ deployment_vars:        sha256:      ssh_user: root      sudo: no -  enterprise: -    image: -      url:    "{{ lookup('oo_option', 'image_url') | -                  default('https://access.cdn.redhat.com//content/origin/files/sha256/ff/ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3/rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" -      name:   "{{ lookup('oo_option', 'image_name') | -                  default('rhel-guest-image-7.1-20150224.0.x86_64.qcow2', True) }}" -      sha256: "{{ lookup('oo_option', 'image_sha256') | -                  default('ff8198653cfd9c39411fc57077451ac291b3a605d305e905932fd6d5b1890bf3', True) }}" -    ssh_user: openshift -    sudo: yes -#  origin: -#    fedora: -#      url: "http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.qcow2" -#      name: Fedora-Cloud-Base-20141203-21.x86_64.qcow2 -#      sha256: 3a99bb89f33e3d4ee826c8160053cdb8a72c80cd23350b776ce73cd244467d86 +  enterprise: "{{ deployment_rhel7_ent_base }}" +  openshift-enterprise: "{{ deployment_rhel7_ent_base }}" +  atomic-enterprise: "{{ deployment_rhel7_ent_base }}" diff --git a/playbooks/openstack/openshift-cluster/cluster_hosts.yml b/playbooks/openstack/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..bc586d983 --- /dev/null +++ b/playbooks/openstack/openshift-cluster/cluster_hosts.yml @@ -0,0 +1,22 @@ +--- +g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) +                     | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                     | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_node_hosts:   "{{ (groups['tag_host-type_node']|default([])) +                   | intersect((groups['tag_clusterid_' ~ cluster_id]|default([]))) +                   | intersect((groups['tag_environment_' ~ cluster_env]|default([]))) }}" + +g_nfs_hosts:  "{{ (groups['tag_host-type_nfs']|default([])) +                   | intersect((groups['tag_environment_' ~ cluster_id]|default([]))) }}" + +g_all_hosts:    "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) +                    | union(g_lb_hosts) | default([]) }}" diff --git a/playbooks/openstack/openshift-cluster/config.yml b/playbooks/openstack/openshift-cluster/config.yml index da7b5cc49..b338d2eb4 100644 --- a/playbooks/openstack/openshift-cluster/config.yml +++ b/playbooks/openstack/openshift-cluster/config.yml @@ -1,23 +1,13 @@ -- hosts: localhost -  gather_facts: no -  become: no -  connection: local -  vars_files: -  - vars.yml -  tasks: -  - set_fact: -      g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" -      g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" - +---  - include: ../../common/openshift-cluster/config.yml +  vars_files: +  - ../../openstack/openshift-cluster/vars.yml +  - ../../openstack/openshift-cluster/cluster_hosts.yml    vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([]))     | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_node_hosts:   "{{ (groups['tag_host-type_node']|default([]))   | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" -    g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" +    g_nodeonmaster: true +    g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" +    g_sudo: "{{ deployment_vars[deployment_type].sudo }}"      openshift_cluster_id: "{{ cluster_id }}" -    openshift_debug_level: 2 +    openshift_debug_level: "{{ debug_level }}"      openshift_deployment_type: "{{ deployment_type }}"      openshift_hostname: "{{ ansible_default_ipv4.address }}" diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml index bfd73c777..4f6a59a30 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack.yaml @@ -4,6 +4,11 @@ description: OpenShift cluster  parameters: +  cluster_env: +    type: string +    label: Cluster environment +    description: Environment of the cluster +    cluster_id:      type: string      label: Cluster ID @@ -345,13 +350,14 @@ resources:                params:                  cluster_id: { get_param: cluster_id }                  k8s_type: etcd -          cluster_id: { get_param: cluster_id } -          type:       etcd -          image:      { get_param: etcd_image } -          flavor:     { get_param: etcd_flavor } -          key_name:   { get_resource: keypair } -          net:        { get_resource: net } -          subnet:     { get_resource: subnet } +          cluster_env: { get_param: cluster_env } +          cluster_id:  { get_param: cluster_id } +          type:        etcd +          image:       { get_param: etcd_image } +          flavor:      { get_param: etcd_flavor } +          key_name:    { get_resource: keypair } +          net:         { get_resource: net } +          subnet:      { get_resource: subnet }            secgrp:              - { get_resource: etcd-secgrp }            floating_network: { get_param: floating_ip_pool } @@ -375,13 +381,14 @@ resources:                params:                  cluster_id: { get_param: cluster_id }                  k8s_type: master -          cluster_id: { get_param: cluster_id } -          type:       master -          image:      { get_param: master_image } -          flavor:     { get_param: master_flavor } -          key_name:   { get_resource: keypair } -          net:        { get_resource: net } -          subnet:     { get_resource: subnet } +          cluster_env: { get_param: cluster_env } +          cluster_id:  { get_param: cluster_id } +          type:        master +          image:       { get_param: master_image } +          flavor:      { get_param: master_flavor } +          key_name:    { get_resource: keypair } +          net:         { get_resource: net } +          subnet:      { get_resource: subnet }            secgrp:              - { get_resource: master-secgrp }            floating_network: { get_param: floating_ip_pool } @@ -406,14 +413,15 @@ resources:                  cluster_id: { get_param: cluster_id }                  k8s_type: node                  sub_host_type: compute -          cluster_id: { get_param: cluster_id } -          type:       node -          subtype:    compute -          image:      { get_param: node_image } -          flavor:     { get_param: node_flavor } -          key_name:   { get_resource: keypair } -          net:        { get_resource: net } -          subnet:     { get_resource: subnet } +          cluster_env: { get_param: cluster_env } +          cluster_id:  { get_param: cluster_id } +          type:        node +          subtype:     compute +          image:       { get_param: node_image } +          flavor:      { get_param: node_flavor } +          key_name:    { get_resource: keypair } +          net:         { get_resource: net } +          subnet:      { get_resource: subnet }            secgrp:              - { get_resource: node-secgrp }            floating_network: { get_param: floating_ip_pool } @@ -438,14 +446,15 @@ resources:                  cluster_id: { get_param: cluster_id }                  k8s_type: node                  sub_host_type: infra -          cluster_id: { get_param: cluster_id } -          type:       node -          subtype:    infra -          image:      { get_param: infra_image } -          flavor:     { get_param: infra_flavor } -          key_name:   { get_resource: keypair } -          net:        { get_resource: net } -          subnet:     { get_resource: subnet } +          cluster_env: { get_param: cluster_env } +          cluster_id:  { get_param: cluster_id } +          type:        node +          subtype:     infra +          image:       { get_param: infra_image } +          flavor:      { get_param: infra_flavor } +          key_name:    { get_resource: keypair } +          net:         { get_resource: net } +          subnet:      { get_resource: subnet }            secgrp:              - { get_resource: node-secgrp }              - { get_resource: infra-secgrp } diff --git a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml index 3f24a3e45..f83f2c984 100644 --- a/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml +++ b/playbooks/openstack/openshift-cluster/files/heat_stack_server.yaml @@ -9,6 +9,11 @@ parameters:      label: Name      description: Name +  cluster_env: +    type: string +    label: Cluster environment +    description: Environment of the cluster +    cluster_id:      type: string      label: Cluster ID @@ -105,7 +110,8 @@ resources:        user_data: { get_file: user-data }        user_data_format: RAW        metadata: -        env: { get_param: cluster_id } +        environment: { get_param: cluster_env } +        clusterid: { get_param: cluster_id }          host-type: { get_param: type }          sub-host-type:    { get_param: subtype } diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml index 876ca595a..fdcb77acc 100644 --- a/playbooks/openstack/openshift-cluster/launch.yml +++ b/playbooks/openstack/openshift-cluster/launch.yml @@ -29,6 +29,7 @@    - name: Create or Update OpenStack Stack      command: 'heat {{ heat_stack_action }} -f {{ openstack_infra_heat_stack }} +             -P cluster_env={{ cluster_env }}               -P cluster_id={{ cluster_id }}               -P cidr={{ openstack_network_cidr }}               -P dns_nameservers={{ openstack_network_dns | join(",") }} @@ -71,7 +72,7 @@        ansible_ssh_host: '{{ item[2] }}'        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -      groups: 'tag_env_{{ cluster_id }}, tag_host-type_etcd, tag_sub-host-type_default' +      groups: 'tag_environment_{{ cluster_env }}, tag_host-type_etcd, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}'      with_together:        - parsed_outputs.etcd_names        - parsed_outputs.etcd_ips @@ -83,7 +84,7 @@        ansible_ssh_host: '{{ item[2] }}'        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -      groups: 'tag_env_{{ cluster_id }}, tag_host-type_master, tag_sub-host-type_default' +      groups: 'tag_environment_{{ cluster_env }}, tag_host-type_master, tag_sub-host-type_default, tag_clusterid_{{ cluster_id }}'      with_together:        - parsed_outputs.master_names        - parsed_outputs.master_ips @@ -95,7 +96,7 @@        ansible_ssh_host: '{{ item[2] }}'        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -      groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_compute' +      groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_compute, tag_clusterid_{{ cluster_id }}'      with_together:        - parsed_outputs.node_names        - parsed_outputs.node_ips @@ -107,7 +108,7 @@        ansible_ssh_host: '{{ item[2] }}'        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -      groups: 'tag_env_{{ cluster_id }}, tag_host-type_node, tag_sub-host-type_infra' +      groups: 'tag_environment_{{ cluster_env }}, tag_host-type_node, tag_sub-host-type_infra, tag_clusterid_{{ cluster_id }}'      with_together:        - parsed_outputs.infra_names        - parsed_outputs.infra_ips diff --git a/playbooks/openstack/openshift-cluster/list.yml b/playbooks/openstack/openshift-cluster/list.yml index 436d3e6f7..123ebd323 100644 --- a/playbooks/openstack/openshift-cluster/list.yml +++ b/playbooks/openstack/openshift-cluster/list.yml @@ -7,7 +7,7 @@    vars_files:    - vars.yml    tasks: -  - set_fact: scratch_group=tag_env_{{ cluster_id }} +  - set_fact: scratch_group=tag_clusterid_{{ cluster_id }}      when: cluster_id != ''    - set_fact: scratch_group=all      when: cluster_id == '' diff --git a/playbooks/openstack/openshift-cluster/terminate.yml b/playbooks/openstack/openshift-cluster/terminate.yml index 2a7f04505..d4ab51fa7 100644 --- a/playbooks/openstack/openshift-cluster/terminate.yml +++ b/playbooks/openstack/openshift-cluster/terminate.yml @@ -6,13 +6,12 @@    vars_files:    - vars.yml    tasks: -  - set_fact: cluster_group=tag_env_{{ cluster_id }}    - add_host:        name: "{{ item }}"        groups: oo_hosts_to_terminate        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: groups[cluster_group] | default([]) +    with_items: (groups['tag_environment_' ~ cluster_env]|default([])) | intersect(groups['tag_clusterid_' ~ cluster_id ]|default([]))  - name: Unsubscribe VMs    hosts: oo_hosts_to_terminate diff --git a/playbooks/openstack/openshift-cluster/update.yml b/playbooks/openstack/openshift-cluster/update.yml index 4ecf75a5d..2dc540978 100644 --- a/playbooks/openstack/openshift-cluster/update.yml +++ b/playbooks/openstack/openshift-cluster/update.yml @@ -1,17 +1,12 @@  ---  - name: Populate oo_hosts_to_update group    hosts: localhost -  become: no    connection: local +  become: no    gather_facts: no -  vars: -    g_etcd_hosts:   "{{ (groups['tag_host-type_etcd']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_lb_hosts:     "{{ (groups['tag_host-type_lb']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_master_hosts: "{{ (groups['tag_host-type_master']|default([])) | intersect(groups['tag_env_' ~ cluster_id]) }}" -    g_node_hosts:   "{{ (groups['tag_host-type_node']|default([])) | intersect((groups['tag_env_' ~ cluster_id]|default([]))) }}" -    vars_files:    - vars.yml +  - cluster_hosts.yml    tasks:    - name: Evaluate oo_hosts_to_update      add_host: @@ -19,7 +14,7 @@        groups: oo_hosts_to_update        ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}"        ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" -    with_items: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) | default([]) }}" +    with_items: "{{ g_all_hosts | default([]) }}"  - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/openstack/openshift-cluster/vars.yml b/playbooks/openstack/openshift-cluster/vars.yml index e3796c91f..76cde1706 100644 --- a/playbooks/openstack/openshift-cluster/vars.yml +++ b/playbooks/openstack/openshift-cluster/vars.yml @@ -1,4 +1,5 @@  --- +debug_level: 2  openstack_infra_heat_stack:     "{{ lookup('oo_option', 'infra_heat_stack' ) |                                      default('files/heat_stack.yaml',         True) }}"  openstack_network_cidr:         "{{ lookup('oo_option', 'net_cidr'         ) | @@ -19,6 +20,11 @@ openstack_flavor:    infra:  "{{ lookup('oo_option', 'infra_flavor'     ) | default('m1.small',  True) }}"    node:   "{{ lookup('oo_option', 'node_flavor'      ) | default('m1.medium', True) }}" +deployment_rhel7_ent_base: +  image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.2-20151102.0.x86_64', True) }}" +  ssh_user: openshift +  sudo: yes +  deployment_vars:    origin:      image: "{{ lookup('oo_option', 'image_name') | default('centos-70-raw', True) }}" @@ -28,7 +34,6 @@ deployment_vars:      image:      ssh_user: root      sudo: no -  enterprise: -    image: "{{ lookup('oo_option', 'image_name') | default('rhel-guest-image-7.1-20150224.0.x86_64', True) }}" -    ssh_user: openshift -    sudo: yes +  enterprise: "{{ deployment_rhel7_ent_base }}" +  openshift-enterprise: "{{ deployment_rhel7_ent_base }}" +  atomic-enterprise: "{{ deployment_rhel7_ent_base }}" | 
